17 



Claims : 

1 . A method for transmitting an encryption number in a communication 
system (1) comprising mobile terminals (MT1 — MT4) and at least a first 

5 access point (AP1) and a second access point (AP2), the method com- 
prising the steps of: 

— defining a set of encryption keys, 

— selecting at each said access point (AP1 , AP2) from said set of 
encryption keys one to be used at a time for encrypting information 

10 to be transmitted between said access point (AP1, AP2) and 

mobile terminal (MT1 — MT4), 

— transmitting from the access point (AP1, AP2), at intervals, data 
about the encryption key selected at the time, 

— setting up a data transmission connection between a mobile termi- 
15 nal (MT1 — MT4) and the first access point (AP1) for the transmis- 
sion of information, and 

— performing a handover, whereby a data transmission connection is 
set up between the second access point (AP2) and the mobile 
terminal (MT1 — MT4), 

20 characterized in that in the method, in connection with the handover, 
information is transmitted to the mobile terminal (MT1 — MT4) about the 
encryption key selected at the second access point (AP2). 

2. The method according to claim 1, characterized in that each 
25 encryption key in said set of encryption keys is allocated an encryption 

number (Kl), wherein said encryption number (Kl) is used as said data 
about the encryption key selected. 

3. The method according to claim 1 or 2, in which information is 
30 transmitted in data frames (FR), characterized in that the encryption 

key is changed in connection with each data frame (FR). 

4. The method according to claim 3, in which some of the data frames 
are used as common data frames for transmitting information from the 

35 second access point (AP2) to more than one mobile terminal 
(MT1 — MT4), characterized in that said data about the encryption key 
is transmitted in another data frame than said common data frame. 
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5. The method according to any of the claims 1 to 4, characterized 
in that said set of encryption keys is stored in said access points (AP1, 
AP2) and in the mobile terminal (MT1 — MT4). 

5 6. The method according to any of the claims 1 to 5, characterized 
in that the mobile terminal (MT1 — MT4) informs said second access 
point (AP2) about a need for handover, wherein said second access 
point (AP2) transmits information about the encryption key selected at 
the second access point (AP2) at the moment to the mobile terminal 
10 (MT1 — MT4). 

7. The method according to any of the claims 1 to 5, characterized 
in that the mobile terminal (MT1 — MT4) informs said first access point 
(AP1) about a need for handover, that said first access point (AP1) 
15 transmits information about the handover to said second access point 
(AP2), wherein said second access point (AP2) transmits information 
about the encryption key selected at the second access point (AP2) at 
the time to the mobile terminal (MT1 — MT4). 

20 8. The method according to any of the claims 1 to 5, characterized 
in that the first access point (AP1 ) executes a forced handover, in which 
the mobile terminal (MT1 — MT4) communicating with said first access 
point is transferred to communicate with said second access point 
(AP2), that said first access point (AP1) transmits information about the 

25 handover to said second access point (AP2), wherein said second 
access point (AP2) transmits information about the encryption key 
selected at the second access point (AP2) at the time to the mobile 
terminal (MT1 — MT4). 

30 9. A mobile communication system (1) comprising mobile terminals 
(MT1 — MT4), at least a first access point (AP1) and a second access 
point (AP2); a set of encryption keys being defined in the communica- 
tion system (1); the access point (AP1, AP2) comprising means for 
selected from said set of encryption keys one at a time to be used for 

35 encryption of information to be transmitted between said access point 
(AP1, AP2) and mobile terminal (MT1 — MT4), and means for transmit- 
ting information about the encryption key selected at the time at inter- 
vals from the access point (AP1, AP2); the communication system (1) 
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also comprising means for setting up a data transmission connection 
between the mobile terminal (MT1 — MT4) and the first access point 
(AP1) for the transmission of information, and means for executing a 
handover and setting up a data transmission connection between the 
5 second access point (AP2) and the mobile terminal (MT1 — MT4), char- 
acterized in that the mobile communication system (1) also comprises 
means for transmitting information about the encryption key selected at 
the second access point (AP2) to the mobile terminal (MT1 — MT4) in 
connection with the handover. 

10 

10. The mobile communication system (1) according to claim 9, char- 
acterized in that it also comprises means for defining an encryption 
number for each encryption key in said set of encryption keys (ST), 
wherein said encryption number (Kl) is arranged to be used as said 

1 5 information about the encryption key selected. 

11. The mobile communication system (1) according to claim 9 or 10, 
which comprises means for transmitting information in data frames 
(FR), characterized in that the encryption key is arranged to be 

20 changed in connection with each data frame (FR). 

12. The mobile communication system (1) according to claim 11, in 
which some of the data frames are arranged to be used as common 
data frames for transmitting information from one access point (AP2) to 

25 more than one mobile terminal (MT1 — MT4), characterized in that 
said data about the encryption key is arranged to be transmitted in 
another data frame than said common data frame. 

13. The mobile communication system (1) according to any of the 
30 claims 9 to 12, characterized in that said set of encryption keys is 

stored at said access points (AP1, AP2) and mobile terminal 
(MT1 — MT4). 

14. The mobile communication system (1) according to any of the 
35 claims 9 to 13, characterized in that the mobile terminal (MT1 — MT4) 

comprises means (8, 11, 30) for informing said second access point 
(AP2) about the need for a handover, wherein data is arranged to be 
transmitted from said second access point (AP2) to the mobile terminal 
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(MT1 — MT4) about the encryption key selected at the second access 
point (AP2) at the time. 

15. The mobile communication system (1) according to any of the 
5 claims 9 to 1 3, characterized in that the mobile terminal (MT1 — MT4) 

comprises means (8, 11, 30) for informing said first access point (AP1) 
about the need for handover, 

16. The mobile communication system (1) according to any of the 
10 claims 9 to 13, characterized in that the first access point (AP1) 

comprises means for performing a forced handover, wherein the mobile 
terminal (MT1 — MT4) communicating with said first access point is 
arranged to be handed over to communicate with said second access 
point (AP2), and means for transmitting information about the handover 
15 to said second access point (AP2), wherein information about the 
encryption key selected at the second access point (AP2) at the time is 
arranged to be transmitted from said second access point (AP2) to the 
mobile terminal (MT1 — MT4). 



